13–12 CompTIA Linux+ Certification, Powered by LPI
Routing and firewalls
Routing is a network service that enables packets from one network to be sent to another
network. Recall that IP addresses have two parts: the network address and host address.
Without routing, packets addressed to one network cannot reach another network.
Keep in mind that IP network addresses are logical constructs. Even if two computers
share the same physical networking medium, they are unable to communicate if they are
configured on separate IP networks.
Basic routing tables
On every computer, the kernel maintains a basic routing table. The computer uses this
table to determine to which network it belongs and through which interface to direct
packets. For example, Exhibit 13-3 illustrates a basic routing table. Packets destined for
the 192.168.1 network are sent via the eth0 interface. Packets for other networks are
sent to the default gateway, WRT160N, also via eth0.
Exhibit 13-3: A basic routing table
A multihomed computer is one with two or more network cards. On such computers,
each interface is connected to a separate network. You can create a more complex
routing table that helps the computer determine where packets should be sent. Once you
have done so, the computer can listen on one interface and send packets to another
interface as they arrive.
A computer that forwards packets in this manner is called a router. Dedicated devices
for this purpose are also called routers.
To enable routing, or IP forwarding as it’s sometimes called, you must activate the
service. You do so by modifying the /proc/sys/net/ipv4/ip_forward file. If that file
contains a 1, routing is enabled; if it contains a 0, routing is disabled.
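
The following check is an added example, not part of the original text: it reads the ip_forward value described above and counts the interfaces that carry routes, so that a multihomed computer with forwarding switched on is reported as a router. The function names, the use of /proc/net/route to count interfaces, and the sample addresses are assumptions made for the example.

```shell
#!/bin/sh
# Added example: report whether this host forwards IPv4 packets between networks.
# File paths are parameters so the checks also run against saved copies.

# Print enabled, disabled or unknown from an ip_forward file (1 = on, 0 = off).
forwarding_state() {
    file=${1:-/proc/sys/net/ipv4/ip_forward}
    if [ ! -r "$file" ]; then echo unknown; return 0; fi
    case "$(tr -d '[:space:]' < "$file")" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Count distinct non-loopback interfaces that carry a route. Input follows the
# /proc/net/route layout: one header line, interface name in the first column.
routed_interfaces() {
    file=${1:-/proc/net/route}
    if [ ! -r "$file" ]; then echo 0; return 0; fi
    awk 'NR > 1 && $1 != "lo" && !seen[$1]++ { n++ } END { print n + 0 }' "$file"
}

# Forwarding switched on in a multihomed machine means it is acting as a router.
audit_forwarding() {
    state=$(forwarding_state "$1")
    nifs=$(routed_interfaces "$2")
    if [ "$state" = enabled ] && [ "$nifs" -ge 2 ]; then
        echo "ROUTER: forwarding enabled, $nifs routed interfaces"
    elif [ "$state" = enabled ]; then
        echo "REVIEW: forwarding enabled, $nifs routed interface(s)"
    else
        echo "HOST: forwarding $state, $nifs routed interface(s)"
    fi
}

# Constructed sample (assumed addresses): eth0 on 192.168.1.0/24 with a default
# gateway, eth1 on 10.0.0.0/8, forwarding switched on.
sample=$(mktemp -d)
printf '1\n' > "$sample/ip_forward"
cat > "$sample/route" <<'EOF'
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
eth0 00000000 0101A8C0 0003 0 0 0 00000000 0 0 0
eth0 0001A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
eth1 0000000A 00000000 0001 0 0 0 000000FF 0 0 0
EOF
audit_forwarding "$sample/ip_forward" "$sample/route"
rm -rf "$sample"
```

Calling audit_forwarding with no arguments reads the live files under /proc instead of the sample.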